Malware to hit 3 out of 10 Android users this year

A report finds app-based threats on the rise

If you thought your phone was safe, you, sir, were sorely mistaken. As we speak, your phone could be spying on you, getting access to all your secret passcodes, bank account information, and credit card numbers. The little bastard could even be pilfering money from you behind your back.

Now before you go thinking your phone has turned into HAL from “2001: A Space Odyssey,” it hasn’t. These attacks are the result of malware and spyware that you may have unintentionally invited into your phone when you downloaded an infected app. And a new report released Wednesday by Lookout Mobile Security finds that such malware and spyware are on the rise. One particularly troubling finding: Android users are now twice as likely to encounter malware as they were six months ago, and three out of ten Android users are likely to encounter a Web-based threat on their device each year.

Interestingly, the report notes that while application-based threats affect both Android and iOS devices, malware and spyware have primarily targeted Android devices. iOS devices are more likely to be hit with commercial spyware apps developed specifically for jailbroken devices.

For Android phones, malware has been increasing at a faster rate than spyware, but spyware still remains the larger threat. In January 2011, 34% of all threats were malware and 66% were spyware. But as of June 2011, malware made up 48% of all threats, compared to spyware’s 52%.

Some of the tactics used by attackers are pretty crafty, so you’ll need to keep an eye out. One of the more common tactics is repackaging. A legitimate developer creates a legitimate app and uploads it to the Android market. A malicious developer gets the app, repackages it with malware/spyware, and uploads it to a third-party app store. Once a mobile user downloads the app onto his/her phone, the malicious developer can access the user’s private information remotely. The most common types of apps repackaged with malware: game apps, utility apps, and porn apps.

Repackaged apps can be tough to spot, since they look like the original, so the most a user can do to protect his/her phone is to make sure to download only from the Android marketplace or the iTunes App Store.

A more recent tactic that Lookout spotted this year was the “Update Attack,” in which a malicious developer creates an app that appears legitimate and contains no malware. Once the app gets a sizable user base, the developer creates an update that contains malware. Since many users set their phones to automatically update apps, an attack is easy as pie.

And attacks are increasing. In the first half of 2011, the number of unique apps with malware found on markets and download sites increased from 80 to 400 apps.

“As mobile devices grow in popularity, so do the incentives for attackers,” says Kevin Mahaffey, CTO and co-founder of Lookout Mobile Security. “We’ve seen the prevalence and the level of sophistication of mobile malware attacks evolve significantly in the first six months of 2011. We expect this trend to continue as more and more people adopt mobile devices.”